/*
 * @(#)XssFilterInterceptor.java $version 2010. 10. 13.
 *
 * Copyright 2010 NHN Corp. All rights Reserved. 
 * NHN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
 */
package com.naver.newsstand.service.common.interceptor;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.nhncorp.lucy.security.xss.XssFilter;

/**
 * Lucy xss 필터 인터셉터
 * @author 이동국
 */
public class XssFilterInterceptor extends HandlerInterceptorAdapter {
	//	private static final Logger LOGGER = LoggerFactory.getLogger(XssFilterInterceptor.class);

	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
		XssFilter filter = XssFilter.getInstance();
		@SuppressWarnings("unchecked") Map<String, String[]> params = request.getParameterMap();
		for (String key : params.keySet()) {
			String[] values = params.get(key);
			for (int i = 0; i < values.length; i++) {
				String filteredValue = filter.doFilter(values[i]);
				values[i] = filteredValue;
			}
		}

		return true;
	}
}
